You can configure Microsoft Intune to block devices that do not comply with a “standard” access to Office 365 Exchange Online email.
Here is how:
- http://manage.microsoft.com in a silverlight browser.
- Create a Compliance Policy
- Policy->Compliance Policy->Create New
Setting the Conditional Access and blocking Exchange Active Sync
- Policy->Conditional Acces->Exchange Online Policy
- Click following:
- Activate Policy for Conditional Access
- Select Specific Platforms
- Check iOS (my rules will now only apply here, rest can read email.
- Check: Require Compliance for Mobile Device
- Select “Block access to e-mail for devices not supported by Intune”
- Select “All users”
- Select “No exception users”
The iOS users will now have to enroll in order to read email and when they do they need to set a 6 digit password.
Caution with using Active Sync only:
- If the user has allready configured email, he might not be blocked.
- If the user has been associated with that device earlier, he might not be blocked.
Enrollment procedure:
- Enter Your email in the native mail client by going to settings
- You recive an email with instructions on how to get access to your mail.
Follow that instruction.
Håvard Siegel Haukeberg 
Leave a Reply